7ffaee2e846bb2069a1daf9432d56bf9a19786dbbe90166ea2e972f24540ea57

Sharing

Copy URL Twitter E-mail

General

Target

7ffaee2e846bb2069a1daf9432d56bf9a19786dbbe90166ea2e972f24540ea57
Size

552KB
MD5

80d847e47eba6ea12184709c40624240
SHA1

24ea7b99d9b2c0d40ef177a403b7c6cdd157d438
SHA256

7ffaee2e846bb2069a1daf9432d56bf9a19786dbbe90166ea2e972f24540ea57
SHA512

471f07929832ead9f55515145028312b111081dc09a100959bbbbcdba6091a00f8c6ae62a8bfed4fbeed69ee31aca036680ab11f267607ca8bed6e6010e740e5
SSDEEP

12288:9MoTXekA4JhAdbhDhs4lmDxlHkaeZ9isavSuzgo:9MorlAuAphDnmD/Erez/

Score

N/A

Malware Config

Signatures

Files

7ffaee2e846bb2069a1daf9432d56bf9a19786dbbe90166ea2e972f24540ea57
.exe windows x86

ec73aa81c667974668681e3915ededba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHAppBarMessage
ExtractAssociatedIconExW

clusapi

ClusterNodeEnum
RemoveClusterResourceNode
ClusterRegSetValue

gdi32

GetDeviceCaps
GetTextFaceW

urlmon

UrlMkSetSessionOption
GetClassFileOrMime

kernel32

CloseHandle
HeapAlloc
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
ExitProcess
AllocConsole
CopyFileW
ReadFileEx
FindFirstChangeNotificationW
Heap32Next
WinExec
SizeofResource
DefineDosDeviceA
GetNamedPipeHandleStateA
GetPrivateProfileIntA
lstrcmpW
InitializeCriticalSection
WriteFileGather
FindAtomA
SetConsoleOutputCP
HeapSetInformation
GetVolumeNameForVolumeMountPointW
SetConsoleActiveScreenBuffer
GetStringTypeExW
GetVersion
GetCalendarInfoW
SetFileAttributesW
AreFileApisANSI
EscapeCommFunction
GetEnvironmentVariableW
ReplaceFileA
GetLastError
GetConsoleTitleA
GetLocaleInfoW
GetSystemDefaultUILanguage
GetSystemTime
CreateConsoleScreenBuffer
VirtualUnlock
HeapValidate
CreateProcessA
SearchPathA
GetVolumePathNamesForVolumeNameW
WriteConsoleW
WaitForMultipleObjects
GetFirmwareEnvironmentVariableA
WriteConsoleOutputCharacterA
CompareFileTime
SetProcessShutdownParameters
SetProcessWorkingSetSize
lstrcmpiA
DebugActiveProcess
WTSGetActiveConsoleSessionId
WritePrivateProfileSectionW
Module32Next
SetEnvironmentVariableA
TerminateProcess
InitAtomTable
WaitForSingleObject
GetACP
MapUserPhysicalPages
IsBadStringPtrW
CommConfigDialogW
FindActCtxSectionGuid
SetErrorMode
GetSystemTimeAdjustment
FreeConsole
GetGeoInfoA
Sleep
VirtualQueryEx
LocalAlloc
LocalFree
GetProcAddress
FreeLibrary
InterlockedExchange
LoadLibraryA
RaiseException
HeapReAlloc
GetTimeZoneInformation
HeapFree
GetCommandLineA
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
WideCharToMultiByte
ExitProcess
DeleteCriticalSection
FatalAppExitA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetUnhandledExceptionFilter
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
CompareStringA
CompareStringW
SetConsoleCtrlHandler
GetModuleHandleW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetCurrentProcess
UnhandledExceptionFilter
ReadFile
VirtualProtect
GetSystemInfo
VirtualQuery
CreateFileA

user32

wvsprintfW
InvalidateRect
LoadCursorW
GetLastActivePopup
MessageBoxA

oleaut32

VarR8FromBool

pdh

PdhOpenQueryA

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ry
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

P>9
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erloc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7I2 :
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ec73aa81c667974668681e3915ededba

Headers

File Characteristics

Imports

shell32

clusapi

gdi32

urlmon

kernel32

user32

oleaut32

pdh

Sections

.text Size: 160KB - Virtual size: 158KB

.data Size: 52KB - Virtual size: 56KB

CODE Size: 36KB - Virtual size: 32KB

ry Size: 28KB - Virtual size: 24KB

P>9 Size: 32KB - Virtual size: 28KB

.erloc Size: 24KB - Virtual size: 22KB

7I2 : Size: 32KB - Virtual size: 30KB

DATA Size: 184KB - Virtual size: 182KB

.text
Size: 160KB - Virtual size: 158KB

.data
Size: 52KB - Virtual size: 56KB

CODE
Size: 36KB - Virtual size: 32KB

ry
Size: 28KB - Virtual size: 24KB

P>9
Size: 32KB - Virtual size: 28KB

.erloc
Size: 24KB - Virtual size: 22KB

7I2 :
Size: 32KB - Virtual size: 30KB

DATA
Size: 184KB - Virtual size: 182KB